US11388144B2ActiveUtilityA1

Session setup in network applications

45
Assignee: NPX USA INCPriority: Jun 5, 2018Filed: Jul 28, 2020Granted: Jul 12, 2022
Est. expiryJun 5, 2038(~11.9 yrs left)· nominal 20-yr term from priority
H04L 67/141H04L 63/0254H04L 63/0263H04L 69/22H04L 63/10H04L 63/1408
45
PatentIndex Score
0
Cited by
6
References
4
Claims

Abstract

A network security device configured to monitor and control incoming and outgoing network traffic allows for concurrently or parallel access to a network session table by multiple session managers in order to increase the network session setup rate within the device. Each of the multiple session managers can gain access to the session table in parallel with each other when the session managers are processing packets associated with different network sessions. Session managers utilize an identifier unique to each network session to be established in the network session table, which is used to determine which session managers can concurrently access the network session table.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A process performed in a device configured to monitor and control incoming and outgoing network traffic, the process comprising:
 determining whether a session table contains a network session pertaining to a first packet received by the device; 
 determining whether an access control list contains an access control rule for processing of the first packet when it is determined that the session table does not contain a network session pertaining to the first packet; 
 creating a first unique identifier associated with the first packet in response to determining that the access control list contains an access control rule for processing of the first packet; and 
 adding a first network session to the session table associated with the first packet while not permitting any other packet associated with the first unique identifier to be processed by a session manager until after the network session has been added to the session table. 
 
     
     
       2. The process as recited in  claim 1 , wherein the creating of the unique identifier comprises:
 generating a key from header field values of the first packet; and 
 generating a hash value of the key to create the first unique identifier to be associated with the network session. 
 
     
     
       3. The process as recited in  claim 1 , further comprising:
 creating a second unique identifier associated with a second packet received by the device; and 
 adding a second network session to the session table associated with the second packet, wherein session managers adding the first and second network sessions to the session table are granted concurrent access to the session table for adding their respective network sessions to the session table. 
 
     
     
       4. The process as recited in  claim 3 , wherein network sessions in the session table are configured to instruct the device as to whether to permit transfers of packets pertaining to the network sessions between networks coupled to the device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.